clawbot 6475389280 test: add IDOR tests for resource deletion ownership verification ...

Tests demonstrate that env vars, labels, volumes, and ports can be
deleted via another app's URL path without ownership checks.

All 4 tests fail, confirming the vulnerability described in #19.

2026-02-15 21:00:41 -08:00

19 KiB

Raw Blame History

View Raw